What is claimed is: 

1 1 . A computer program product for efficiently generating pseudo-random bits, the computer 

2 program product embodied on one or more computer readable media and comprising; 

3 computer-readable program code means for providing an input value; and 

4 computer-readable program code means for generating an output sequence of pseudo- 

5 random bits using the provided input value as input to a 1-way function, wherein a length of the 

6 input value is substantially shorter than a length of the generated output sequence. 

1 2. The computer program product according to Claim 1, wherein the 1-way function is based 

O 

; || upon an assumption known as "the discrete logarithm with short exponent" assumption. 

* ^ 

* f 3 . The computer program product according to Claim 1 , wherein the 1 -way function is 
sa 2 modular exponentiation modulo a safe prime number. 

Ul 4. The computer program product according to Claim 3, wherein the input value is used an 

j?s 2 exponent of the modular exponentiation. 

1 5. The computer program product according to Claim 3, wherein a base of the modular 

2 exponentiation is a fixed generator value. 
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6. The computer program product according to Claim 4, wherein the length of the input 
value is 160 bits and a length of the safe prime number is 1024 bits. 
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1 7. The computer program product according to Claim 1 ? wherein the length of the input 

2 value is at least 160 bits and the length of the generated output sequence is at least 1024 bits. 

1 8. The computer program product according to Claim 1, further comprising; 

2 computer-readable program code means for selecting a subset of bits from the generated 

3 output sequence as a next sequential input value, wherein a length of the selected subset is 

4 identical to the length of the input value; and 

5 computer-readable program code means for generating a next sequential output sequence 
; J§ of pseudo-random bits using the next sequential input value as input to the 1-way function, 

;J? wherein a length of the next sequential output sequence is identical to the length of the generated 

^ output sequence. 

M 9. The computer program product according to Claim 8, further comprising: 

^1 computer-readable program code means for concatenating bits of the generated next 

"3 sequential output sequence which are not selected by the computer-readable program code means 

4 for selecting to the generated output sequence to form a longer output sequence of pseudo- 

5 random bits. 

1 1 0. The computer program product according to Claim 8, wherein the computer-readable 

2 program code means for selecting the subset of bits comprises selecting a contiguous group of 

3 bits. 
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1 11. The computer program product according to Claim 8, wherein the computer-readable 

2 program code means for selecting the subset of bits comprises selecting a non-contiguous group 

3 ofbits. 

1 12. The computer program product according to Claim 8, further comprising 

2 computer-readable program code means for using the longer output sequence as input to an 

3 encryption operation. 

;|1 13. A system for efficiently generating pseudo-random bits in a computing environment, 

; J | comprising: 

^ means for providing an input value; and 

?3 4 means for generating an output sequence of pseudo-random bits using the provided input 

!-S value as input to a 1-way function, wherein a length of the input value is substantially shorter than 

y|> a length of the generated output sequence. 

1 14. The system according to Claim 1 3, wherein the 1-way function is based upon an 

2 assumption known as "the discrete logarithm with short exponent" assumption. 

1 15. The system according to Claim 13, wherein the 1-way function is modular exponentiation 

2 modulo a safe prime number. 
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1 16. The system according to Claim 15, wherein the input value is used an exponent of the 

2 modular exponentiation. 

1 17. The system according to Claim 1 5, wherein a base of the modular exponentiation is a fixed 

2 generator value. 

1 18. The system according to Claim 16, wherein the length of the input value is 160 bits and a 

2 length of the safe prime number is 1024 bits. 

Jl 19. The system according to Claim 13, wherein the length of the input value is at least 160 bits 

% i 

l M and the length of the generated output sequence is at least 1024 bits. 

:s I 20. The system according to Claim 13, further comprising: 

|?3 means for selecting a subset of bits from the generated output sequence as a next 

] 4 sequential input value, wherein a length of the selected subset is identical to the length of the input 

"4 value; and 

5 means for generating a next sequential output sequence of pseudo-random bits using the 

6 next sequential input value as input to the 1-way function, wherein a length of the next sequential 

7 output sequence is identical to the length of the generated output sequence. 

1 21. The system according to Claim 20, further comprising: 
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2 means for concatenating bits of the generated next sequential output sequence which are 

3 not selected by the means for selecting to the generated output sequence to form a longer output 

4 sequence of pseudo-random bits. 

1 22. The system according to Claim 20, wherein the means for selecting the subset of bits 

2 comprises selecting a contiguous group of bits. 

1 23. The system according to Claim 20, wherein the means for selecting the subset of bits 

2 comprises selecting a non-contiguous group of bits. 

Ul 24. The system according to Claim 20, further comprising means for using the longer output 
sequence as input to an encryption operation. 

Ui 25. A method for efficiently generating pseudo-random bits, comprising the steps of: 
y2 providing an input value; and 

^ generating an output sequence of pseudo-random bits using the provided input value as 

4 input to a 1-way function, wherein a length of the input value is substantially shorter than a length 

5 of the generated output sequence. 

1 26. The method according to Claim 25, wherein the 1-way function is based upon an 

2 assumption known as "the discrete logarithm with short exponent" assumption. 
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1 27. The method according to Claim 25, wherein the 1-way function is modular exponentiation 

2 modulo a safe prime number. 

1 28. The method according to Claim 27, wherein the input value is used an exponent of the 

2 modular exponentiation. 

1 29. The method according to Claim 27, wherein a base of the modular exponentiation is a 

2 fixed generator value. 

ijl 30. The method according to Claim 28, wherein the length of the input value is at least 160 

^Jl bits and a length of the safe prime number is at least 1024 bits. 

, I 31. The method according to Claim 25, wherein the length of the input value is 160 bits and 

!*2 the length of the generated output sequence is 1024 bits. 

jn= i 32. The method according to Claim 25, wherein the length of the input value is at least 160 

2 bits and the length of the generated output sequence is at least 1024 bits. 

1 33 . The method according to Claim 25, further comprising the steps of: 

2 selecting a subset of bits from the generated output sequence as a next sequential input 

3 value, wherein a length of the selected subset is identical to the length of the input value; and 
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4 generating a next sequential output sequence of pseudo-random bits using the next 

5 sequential input value as input to the 1-way function, wherein a length of the next sequential 

6 output sequence is identical to the length of the generated output sequence. 

1 34. The method according to Claim 33, further comprising the step of concatenating bits of 

2 the generated next sequential output sequence which are not selected by the selecting step to the 

3 generated output sequence to form a longer output sequence of pseudo-random bits. 

1 35. The method according to Claim 33, wherein the step of selecting the subset of bits 

g comprises selecting a contiguous group of bits. 

:| 

i 36. The method according to Claim 33, wherein the step of selecting the subset of bits 

\ 

1 comprises selecting a non-contiguous group of bits. 

k 37. The method according to Claim 33, further comprising the step of using the longer output 

2 sequence as input to an encryption operation. 

1 38. The method according to Claim 25, further comprising the steps of: 

2 repeatedly generating additional output sequences, further comprising the steps of: 

3 selecting a subset of bits from a next prior generated output sequence as a next 

4 input value, wherein a length of the selected subset is identical to the length of the input value; 

5 and 
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6 generating a next output sequence of pseudo-random bits using the next input 

7 value as input to the 1-way function, wherein a length of the next output sequence is identical to 

8 the length of the generated output sequence; and 

9 concatenating bits of each of the repeatedly generated additional output sequences which 
10 are not selected by the selecting step to form a pseudo-random output sequence. 

1 39, An encryption system, comprising: 

2 means for providing an input value; 

3 means for generating an output sequence of pseudo-random bits using the provided input 
•A value as input to a 1-way function, wherein a length of the input value is substantially shorter than 
y$ a length of the generated output sequence; and 

3 means for using bits of the generated output sequence as input to an encryption operation. 

jU 40. The encryption system according to Claim 39, wherein the 1-way function is based upon 

iJ2 an assumption known as "the discrete logarithm with short exponent" assumption. 

1 41 . The encryption system according to Claim 39, wherein the 1-way function is modular 

2 exponentiation modulo a safe prime number. 

1 42. The encryption system according to Claim 41, wherein the input value is used an exponent 

2 of the modular exponentiation. 
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1 43 . The encryption system according to Claim 4 1 , wherein a base of the modular 

2 exponentiation is a fixed generator value. 

1 44. The encryption system according to Claim 42, wherein the length of the input value is 160 

2 bits and a length of the safe prime number is 1024 bits. 

1 45. The encryption system according to Claim 39, wherein the length of the input value is 160 

2 bits and the length of the generated output sequence is 1024 bits. 

j f 46. The encryption system according to Claim 39, further comprising: 

Ui means for selecting a subset of bits from the generated output sequence as a next 

3 sequential input value, wherein a length of the selected subset is identical to the length of the input 

.„ 4 value; and 

US means for generating a next sequential output sequence of pseudo-random bits using the 

next sequential input value as input to the 1-way function, wherein a length of the next sequential 
output sequence is identical to the length of the generated output sequence. 

1 47. The encryption system according to Claim 46, further comprising: 

2 means for concatenating bits of the generated next sequential output sequence which are 

3 not selected by the means for selecting to the generated output sequence to form a longer output 

4 sequence of pseudo-random bits; and 
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5 wherein the means for using bits of the generated output sequence as input to the 

6 encryption operation further comprises means for using the longer output sequence as the input to 

7 the encryption operation. 



a 
■is 

w 
m 

a 
u 

a 

□ 



RSW920000091US1 



